This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/ae8c35-f9d7-437b-8996-32a4278e5bc5/1/lwhyRZO0dTF1shSBLPaJGmRfhMU.mft File: lwhyRZO0dTF1shSBLPaJGmRfhMU.mft (raw, json) Hash identifier: Txvi39Y/wZRhjgL2/MI1NaFlNGMN8IKb10aHP3mmh9g= Subject key identifier: 28:85:E5:7D:DA:F8:6D:10:66:D6:4E:2A:87:97:A7:9E:6F:7F:BC:EE Authority key identifier: 97:08:72:45:93:B4:75:31:75:B2:14:81:2C:F6:89:1A:64:5F:84:C5 Certificate issuer: /CN=9708724593b4753175b214812cf6891a645f84c5 Certificate serial: 019B3F4891349A53A1176ABA74AB338E5927 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lwhyRZO0dTF1shSBLPaJGmRfhMU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/ae8c35-f9d7-437b-8996-32a4278e5bc5/1/lwhyRZO0dTF1shSBLPaJGmRfhMU.mft Manifest number: 02AF Signing time: Sun 21 Dec 2025 05:01:18 +0000 Manifest this update: Sun 21 Dec 2025 05:01:18 +0000 Manifest next update: Mon 22 Dec 2025 05:01:18 +0000 Files and hashes: 1: lwhyRZO0dTF1shSBLPaJGmRfhMU.crl (hash: dQZZzi7URAJ/cZGOFXQWHnWJN11ndUzye4QhmhMVDL8=) 2: tTnQsLwHNO3gLW3S0MP8mMKmk64.roa (hash: DzDj3u7iBFvq9rklayzZVdsYdkT8c0vWssYs/0kky9E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/ae8c35-f9d7-437b-8996-32a4278e5bc5/1/lwhyRZO0dTF1shSBLPaJGmRfhMU.crl rsync://rpki.ripe.net/repository/DEFAULT/99/ae8c35-f9d7-437b-8996-32a4278e5bc5/1/lwhyRZO0dTF1shSBLPaJGmRfhMU.mft rsync://rpki.ripe.net/repository/DEFAULT/lwhyRZO0dTF1shSBLPaJGmRfhMU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:48:91:34:9a:53:a1:17:6a:ba:74:ab:33:8e:59:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9708724593b4753175b214812cf6891a645f84c5 Validity Not Before: Dec 21 05:01:18 2025 GMT Not After : Dec 22 05:01:18 2025 GMT Subject: CN=2885e57ddaf86d1066d64e2a8797a79e6f7fbcee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:a7:06:84:2d:10:5d:ac:5d:ec:67:0d:39:5a: d0:19:97:06:3d:9e:67:b1:22:8e:38:3f:e9:5d:03: 0c:e6:46:88:75:47:25:5c:2e:65:f9:cf:ab:1c:69: bb:ac:f9:57:a9:a0:db:44:85:3d:b1:25:96:9e:b2: 91:10:9a:59:46:1d:5a:60:47:dd:ae:80:70:1c:62: e6:9a:07:b4:9a:c7:16:8f:0c:1f:2e:fe:1a:a7:a6: f8:23:ce:5e:7b:3c:d6:8b:62:f7:ff:83:ed:ef:0e: fa:61:ed:93:93:c5:6b:97:92:a3:5b:0b:ae:c3:f3: fa:b0:42:5c:48:fc:39:69:49:f8:90:33:5a:b6:7c: 36:9b:12:fb:fb:3b:0d:50:69:3e:63:14:f4:f5:ed: ee:4a:44:4a:ca:5b:50:4b:f9:cf:fc:37:e1:b2:87: 67:44:45:56:0b:b9:bb:0b:c5:32:71:e9:12:8a:a2: 49:99:a1:96:82:bb:c0:e8:72:87:f7:86:4b:76:0d: 52:96:73:cc:71:59:2c:90:1e:ea:3e:27:f6:74:12: 8b:85:c6:a5:71:4d:70:6f:c2:67:7a:55:7b:1e:68: e0:c9:bd:bb:46:a6:7e:ee:5d:2c:d5:eb:11:35:fa: f3:99:03:34:9a:b1:85:8b:df:7c:18:14:1c:eb:47: 41:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:85:E5:7D:DA:F8:6D:10:66:D6:4E:2A:87:97:A7:9E:6F:7F:BC:EE X509v3 Authority Key Identifier: keyid:97:08:72:45:93:B4:75:31:75:B2:14:81:2C:F6:89:1A:64:5F:84:C5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lwhyRZO0dTF1shSBLPaJGmRfhMU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/ae8c35-f9d7-437b-8996-32a4278e5bc5/1/lwhyRZO0dTF1shSBLPaJGmRfhMU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/99/ae8c35-f9d7-437b-8996-32a4278e5bc5/1/lwhyRZO0dTF1shSBLPaJGmRfhMU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 12:ba:06:b3:49:f4:18:63:12:96:79:0b:78:20:80:d3:a1:df: a6:c9:d7:84:2a:51:e9:0a:7b:7a:2a:f5:86:6b:37:29:6e:94: 44:8a:30:8e:c6:41:db:51:9b:bc:6a:55:71:3a:87:ee:49:ff: 13:08:b9:45:bb:df:c8:c8:8e:c4:f5:f4:b6:8f:c9:d6:22:82: 1f:e4:ae:16:f0:a0:b8:21:fd:31:7d:40:43:ce:7c:19:f8:87: 73:1f:57:4e:8a:66:84:99:95:d6:dc:aa:86:7d:b9:54:63:f7: 28:36:e5:06:4e:1b:74:96:b2:28:06:06:fe:8c:0a:0a:53:51: 13:1c:39:06:22:5f:3f:59:88:ab:d1:98:b3:9a:11:89:37:d6: e6:18:ad:67:22:9a:91:fb:c8:bc:a9:07:73:f1:93:47:52:3b: c2:ed:93:5b:73:c1:85:4d:03:82:f3:7f:10:21:94:28:c7:b8: 00:23:a5:c4:b3:bc:9f:0f:1a:53:fb:31:ed:a4:0f:bd:53:45: 52:cb:72:79:96:17:2b:07:21:75:1a:8d:16:f1:1c:8f:97:ae: 56:d7:22:90:4e:86:59:b5:26:86:42:8c:a4:88:0a:0a:58:29: af:c9:39:c4:55:ba:5f:ed:d2:bc:90:25:df:ce:f2:34:50:3c: cc:7b:b0:8d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/SJE0mlOhF2q6dKszjlknMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk3MDg3MjQ1OTNiNDc1MzE3NWIyMTQ4MTJjZjY4OTFhNjQ1 Zjg0YzUwHhcNMjUxMjIxMDUwMTE4WhcNMjUxMjIyMDUwMTE4WjAzMTEwLwYDVQQD EygyODg1ZTU3ZGRhZjg2ZDEwNjZkNjRlMmE4Nzk3YTc5ZTZmN2ZiY2VlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1qcGhC0QXaxd7GcNOVrQGZcGPZ5n sSKOOD/pXQMM5kaIdUclXC5l+c+rHGm7rPlXqaDbRIU9sSWWnrKREJpZRh1aYEfd roBwHGLmmge0mscWjwwfLv4ap6b4I85eezzWi2L3/4Pt7w76Ye2Tk8Vrl5KjWwuu w/P6sEJcSPw5aUn4kDNatnw2mxL7+zsNUGk+YxT09e3uSkRKyltQS/nP/Dfhsodn REVWC7m7C8UycekSiqJJmaGWgrvA6HKH94ZLdg1SlnPMcVkskB7qPif2dBKLhcal cU1wb8JnelV7Hmjgyb27RqZ+7l0s1esRNfrzmQM0mrGFi998GBQc60dBswIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCiF5X3a+G0QZtZOKoeXp55vf7zuMB8GA1UdIwQY MBaAFJcIckWTtHUxdbIUgSz2iRpkX4TFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbHdoeVJaTzBkVEYxc2hTQkxQYUpHbVJmaE1VLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9hZThjMzUtZjlkNy00MzdiLTg5OTYt MzJhNDI3OGU1YmM1LzEvbHdoeVJaTzBkVEYxc2hTQkxQYUpHbVJmaE1VLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OS9hZThjMzUtZjlkNy00MzdiLTg5OTYtMzJhNDI3OGU1YmM1 LzEvbHdoeVJaTzBkVEYxc2hTQkxQYUpHbVJmaE1VLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEroGs0n0 GGMSlnkLeCCA06HfpsnXhCpR6Qp7eir1hms3KW6URIowjsZB21GbvGpVcTqH7kn/ Ewi5RbvfyMiOxPX0to/J1iKCH+SuFvCguCH9MX1AQ858GfiHcx9XTopmhJmV1tyq hn25VGP3KDblBk4bdJayKAYG/owKClNRExw5BiJfP1mIq9GYs5oRiTfW5hitZyKa kfvIvKkHc/GTR1I7wu2TW3PBhU0DgvN/ECGUKMe4ACOlxLO8nw8aU/sx7aQPvVNF UstyeZYXKwchdRqNFvEcj5euVtcikE6GWbUmhkKMpIgKClgpr8k5xFW6X+3SvJAl 387yNFA8zHuwjQ== -----END CERTIFICATE-----Generated at Sun Dec 21 11:59:08 2025 by rpki-client